ci(deps): update GitHub Actions #115
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![bfra-me[bot]](https://avatars.githubusercontent.com/u/73405151?s=60&v=4){kind=small}
bfra-me
bot
force-pushed
the
renovate/github-actions
branch
from
2a76203
to
614ccca
Compare
bfra-me
bot
force-pushed
the
renovate/github-actions
branch
from
614ccca
to
282919e
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v2.0.6->v2.3.0v2->v2.6.0Release Notes
ossf/scorecard-action (ossf/scorecard-action)
v2.3.0Compare Source
What's Changed
Documentation
New Contributors
Full Changelog: ossf/scorecard-action@v2.2.0...v2.3.0
v2.2.0Compare Source
What's Changed
Scorecard Result Viewer
Thanks to contributions from @cynthia-sg and @tegioz at CLOMonitor, there is a new Scorecard Result visualization page at
https://securityscorecards.dev/viewer/?uri=<project-url>.As an example, you can see our own score visualized here
Checkout our README to learn how to link your README badge to the new visualization page.
Publishing Results
This release contains two fixes which will improve the user experience when
publish_resultsistrueDocs
New Contributors
Full Changelog: ossf/scorecard-action@v2.1.3...v2.2.0
v2.1.3Compare Source
What's Changed
Bug Fixes
Full Scorecard Changelog: ossf/scorecard@v4.10.2...v4.10.5
Full Changelog: ossf/scorecard-action@v2.1.2...v2.1.3
v2.1.2Compare Source
What's Changed
Fixes
Full Changelog: ossf/scorecard-action@v2.1.1...v2.1.2
v2.1.1Compare Source
Scorecard version
This release use Scorecard's v4.10.1
Full Changelog: ossf/scorecard-action@v2.1.0...v2.1.1
v2.1.0Compare Source
What's Changed
Scorecard version
This release uses scorecard v4.10.0.
Improvements
Documentation
New Contributors
Full Changelog: ossf/scorecard-action@v2.0.6...v2.1.0
step-security/harden-runner (step-security/harden-runner)
v2.6.0Compare Source
What's Changed
Release v2.6.0 by @varunsh-coder in https://github.com/step-security/harden-runner/pull/346
This release adds support for self-hosted Virtual Machine runners (e.g. on EC2).
Full Changelog: step-security/harden-runner@v2...v2.6.0
v2.5.1Compare Source
What's Changed
*.actions.githubusercontent.com. GitHub Actions recently started making calls to additional sub-domains for this domain. Please update to this latest version of harden-runner to allow these new endpoints.Full Changelog: step-security/harden-runner@v2...v2.5.1
v2.5.0Compare Source
What's Changed
Release v2.5.0 by @h0x0er and @varunsh-coder in https://github.com/step-security/harden-runner/pull/325
This release:
Full Changelog: step-security/harden-runner@v2...v2.5.0
v2.4.1Compare Source
What's Changed
Release v2.4.1 by @varunsh-coder and @Devils-Knight in https://github.com/step-security/harden-runner/pull/309
This release
Full Changelog: step-security/harden-runner@v2...v2.4.1
v2.4.0Compare Source
What's Changed
Adds support for wildcard domains in
blockmode. e.g. you can add*.data.mcr.microsoft.com:443to the allowed list, and egress traffic will be allowed toeastus.data.mcr.microsoft.com:443andwestus.data.mcr.microsoft.com:443.Link to documentation.
Full Changelog: step-security/harden-runner@v2...v2.4.0
v2.3.1Compare Source
What's Changed
Fixes #279 and #275
Full Changelog: step-security/harden-runner@v2...v2.3.1
v2.3.0Compare Source
What's Changed
The Policy Store helps you manage Harden Runner policies without altering your workflow files.
Full Changelog: step-security/harden-runner@v2...v2.3.0
v2.2.1Compare Source
What's Changed
Harden runner has the ability to automatically detect the cache endpoint used by each job. When Harden runner is used in block mode, this endpoint is added to the list of allowed endpoints. A fix has been implemented to improve this feature by updating the logic used to fetch the cache endpoint. This update involves using code from the actions/cache library to ensure the endpoint is properly retrieved.
Full Changelog: step-security/harden-runner@v2...v2.2.1
v2.2.0Compare Source
v2.1.0Compare Source
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Renovate Bot.